Hmm, i didnt test but check using Exception what's the exact type, wrapping sometimes leads to surprises.
Side note: a filter would work in all cases. Le 27 déc. 2013 21:25, "Matej" <[email protected]> a écrit : > Hello Romain. > > I tried with something like this: > > > @Provider > public class EjbAccessExceptionMapper implements > ExceptionMapper<EJBAccessException> { > > @Override > public Response toResponse(EJBAccessException t) { > return > Response.status(Status.BAD_REQUEST).entity(t.getMessage()).build(); > } > } > > > But I don't tnik the Error message is returned from the REST /CXF domain. > > javax.servlet.ServletException: Error processing webservice request > org.apache.openejb.server.rest.RsServlet.service(RsServlet.java:59) > javax.servlet.http.HttpServlet.service(HttpServlet.java:728) > > org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:51) > > *root cause* > > java.lang.RuntimeException: org.apache.cxf.interceptor.Fault: > Unauthorized Access by Principal Denied while invoking public > javax.ws.rs.core.Response > > org.apache.cxf.interceptor.AbstractFaultChainInitiatorObserver.onMessage(AbstractFaultChainInitiatorObserver.java:116) > > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:322) > > org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121) > > org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:237) > > org.apache.openejb.server.cxf.rs.CxfRsHttpListener.onMessage(CxfRsHttpListener.java:170) > org.apache.openejb.server.rest.RsServlet.service(RsServlet.java:53) > javax.servlet.http.HttpServlet.service(HttpServlet.java:728) > > org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:51) > > *root cause* > > org.apache.cxf.interceptor.Fault: Unauthorized Access by Principal > Denied while invoking public > javax.ws.rs.core.Response.getEmployeeTimesheet(long,long) with params > [0, 0]. > > org.apache.cxf.service.invoker.AbstractInvoker.createFault(AbstractInvoker.java:166) > > org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:140) > org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:165) > > org.apache.openejb.server.cxf.rs.OpenEJBEJBInvoker.invoke(OpenEJBEJBInvoker.java:67) > org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:89) > > org.apache.openejb.server.cxf.rs.AutoJAXRSInvoker.invoke(AutoJAXRSInvoker.java:63) > > org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(ServiceInvokerInterceptor.java:57) > > org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage(ServiceInvokerInterceptor.java:93) > > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:262) > > org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121) > > org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:237) > > org.apache.openejb.server.cxf.rs.CxfRsHttpListener.onMessage(CxfRsHttpListener.java:170) > org.apache.openejb.server.rest.RsServlet.service(RsServlet.java:53) > javax.servlet.http.HttpServlet.service(HttpServlet.java:728) > > org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:51) > > *root cause* > > javax.ejb.EJBAccessException: Unauthorized Access by Principal Denied > > org.apache.openejb.core.stateless.StatelessContainer.invoke(StatelessContainer.java:158) > > org.apache.openejb.util.proxy.ProxyEJB$Handler.invoke(ProxyEJB.java:73) > sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) > > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > java.lang.reflect.Method.invoke(Method.java:606) > > org.apache.openejb.server.cxf.rs.OpenEJBEJBInvoker.performInvocation(OpenEJBEJBInvoker.java:93) > > org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:96) > org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:165) > > org.apache.openejb.server.cxf.rs.OpenEJBEJBInvoker.invoke(OpenEJBEJBInvoker.java:67) > org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:89) > > org.apache.openejb.server.cxf.rs.AutoJAXRSInvoker.invoke(AutoJAXRSInvoker.java:63) > > org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(ServiceInvokerInterceptor.java:57) > > org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage(ServiceInvokerInterceptor.java:93) > > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:262) > > org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121) > > org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:237) > > org.apache.openejb.server.cxf.rs.CxfRsHttpListener.onMessage(CxfRsHttpListener.java:170) > org.apache.openejb.server.rest.RsServlet.service(RsServlet.java:53) > javax.servlet.http.HttpServlet.service(HttpServlet.java:728) > > org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:51) > > > > 2013/12/27 Romain Manni-Bucau <[email protected]> > > > Hi > > > > I'd add a custom ExceptionMapper or Filter. > > Le 27 déc. 2013 20:31, "Matej" <[email protected]> a écrit : > > > > > Hello everyone. > > > > > > Anybody knows how to make Tomee/cxf return a forbidden HTTP status code > > 401 > > > or 403 instead of this: > > > > > > STATUS 500 > > > > > > java.lang.RuntimeException: org.apache.cxf.interceptor.Fault: > > > Unauthorized Access by Principal Denied > > > > > > I manage to do this in glassfish using this: > > > > > > <init-param> > > > > > > <param-name>com.sun.jersey.spi.container.ResourceFilters</param-name> > > > > > > > > > <param-value>com.sun.jersey.api.container.filter.RolesAllowedResourceFilterFactory</param-value> > > > </init-param> > > > > > > But Tomee is currently new-land for me. > > > > > > BR > > > > > > Matej > > > > > >
